On Fri, Jan 16, 2026 at 8:03 AM vboudevin via lists.openembedded.org <[email protected]> wrote: > > Changes since v3: > - Patch 2/4: > * Add variables to control offline mode, source URI and > SRCREV for deterministic testing (GENERATE_CVE_EXCLUSIONS_SRC_URI, > GENERATE_CVE_EXCLUSIONS_SRCREV, GENERATE_CVE_EXCLUSIONS_NETWORK). > * Updated generate_cve_exclusions task scheduling to be executed before > do_cve_check. > > Changes since v2: > - Patch 4/4: Inherit the new bbclass in linux-yocto.inc instead of > individual recipes. > > Changes since v1: > - Patch 2/4: Removed the mandatory execution of the > generate-cve-exclusions class on every build. It now needs to be > manually run using: > bitbake -c generate-cve-exclusions <kernel-recipe>
I think it will be good to update documentation as well mentioning new variables and the step https://docs.yoctoproject.org/dev/ref-manual/variables.html https://docs.yoctoproject.org/dev/dev-manual/vulnerabilities.html > ValentinBoudevin (4): > generate-cve-exclusions: Add --output-json option > generate-cve-exclusions: Add a .bbclass > generate-cve-exclusions: Move python script > linux: Add inherit on generate-cve-exclusions > > meta/classes/generate-cve-exclusions.bbclass | 97 +++++++++++++++++++ > meta/recipes-kernel/linux/linux-yocto.inc | 3 + > .../contrib}/generate-cve-exclusions.py | 64 +++++++++--- > 3 files changed, 150 insertions(+), 14 deletions(-) > create mode 100644 meta/classes/generate-cve-exclusions.bbclass > rename {meta/recipes-kernel/linux => > scripts/contrib}/generate-cve-exclusions.py (71%) > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#229437): https://lists.openembedded.org/g/openembedded-core/message/229437 Mute This Topic: https://lists.openembedded.org/mt/117285139/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
